[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: a brief comparison of e-mail encryption protocols



Derek rites:
>Oh, of course the central keyserver model would disappear, but I'm
>still trying to design a system which is as compact as possible.

I disagree but then my worldview is different. For personal use the
compact distributed system is workable however when you start thinking
in terms of a large distributed organization, the quanta changes.

Mention was made of the difficulty of handling 20,000 keys. I am looking at
over 80,000 today and over 200,000 tomorrow *for a single organization*. For
quantities like this, a hierarchial system of management seems inevitable.

First, I am not about to give up my personal PGP key, it is trustworthy and
effective for my needs. It is not necessarily incompatable with an 
organizational structure.

However *for the organization* something else is needed. I can see a 
future in which the bulk of the population has only two keys: their own
and the punlic key of their post office (not talking USNail - private ones
though not saying the US might not operate one as well).

Messages are composed with addressing and encrypted with the PO key. PO
decrypts message key (NOT necessarily message but that will have to rely
on trust - nothing will stop double wrapping anyway), checks address list,
retrieves key for each adressee, adds header & sends copy (may use single 
mailing for group at distant post office but that is getting ahead).

If recipient key is not found, adressee wil be removed from list and
notice sent back to originator. If plaintext is desired, special operation 
will be required.

As noted, a hierarchal mechanism will be needed for key retrieval - only local
keys and "frequent fliers" will be kept locally. Not new concept, just
not used by post offices that I know of today.

Will need a bit of fleshing out and expect the end-state to be 2-4 years out
but is a good time to think about it.
					Warmly,
						Padgett